alistairphillips.com

I’m : a web and mobile developer based in the Manning Valley, Australia.


syslog on Apple Mac OS X Leopard

To enable remote syslog events you'll need to do the following:

pico /System/Library/LaunchDaemons/com.apple.syslogd.plist

In this file follow the comments to enable the network listener. You'll want to end up with something like this:

<!--
    Un-comment the following lines to enable the network syslog protocol listener.
-->
        <key>NetworkListener</key>
        <dict>
            <key>SockServiceName</key>
            <string>syslog</string>
            <key>SockType</key>
            <string>dgram</string>
        </dict>

Then a restart of the service is in order. After this if you fire up Console.app and browse 'All Messages' anything logged by other devices will be shown over here. Working fine with the Netgear DG834G router when set to "Syslog > Broadcast on LAN".

sudo launchctl unload /System/Library/LaunchDaemons/com.apple.syslogd.plist sudo launchctl load /System/Library/LaunchDaemons/com.apple.syslogd.plist

Now all that's left todo is to figure out a way to identity posts from the router and shove 'em out via Growl. If you're curious here is a sample entry from /private/var/log/system.log From this I guess what I need to grep for is my IP address?

13/06/2009 23:29:22 TCP Packet - Source[2147483647] 61.139.105.163 Destination:78.105.139.32 - [PORT SCAN]